Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8593b087 by security tracker role at 2025-11-15T08:12:44+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,99 @@
+CVE-2025-9317 (The vulnerability, if exploited, could allow a miscreant with
read ac ...)
+ TODO: check
+CVE-2025-8994 (The Project Management, Team Collaboration, Kanban Board, Gantt
Charts ...)
+ TODO: check
+CVE-2025-8386 (The vulnerability, if exploited, could allow an authenticated
miscrean ...)
+ TODO: check
+CVE-2025-65072
+ REJECTED
+CVE-2025-65071
+ REJECTED
+CVE-2025-65070
+ REJECTED
+CVE-2025-65069
+ REJECTED
+CVE-2025-65068
+ REJECTED
+CVE-2025-65067
+ REJECTED
+CVE-2025-65066
+ REJECTED
+CVE-2025-65065
+ REJECTED
+CVE-2025-65064
+ REJECTED
+CVE-2025-64309 (Brightpick Mission Control discloses device telemetry,
configuration, ...)
+ TODO: check
+CVE-2025-64308 (The Brightpick Mission Control web application exposes
hardcoded crede ...)
+ TODO: check
+CVE-2025-64307 (The Brightpick Internal Logic Control web interface is
accessible wit ...)
+ TODO: check
+CVE-2025-64084 (An authenticated SQL injection vulnerability exists in
Cloudlog 2.7.5 ...)
+ TODO: check
+CVE-2025-63891 (Information Disclosure in web-accessible backup file in
SourceCodester ...)
+ TODO: check
+CVE-2025-63745 (A NULL pointer dereference vulnerability was discovered in
radare2 6.0 ...)
+ TODO: check
+CVE-2025-63744 (A NULL pointer dereference vulnerability was discovered in
radare2 6.0 ...)
+ TODO: check
+CVE-2025-62765 (General Industrial Controls Lynx+ Gatewayis vulnerable to a
cleartext ...)
+ TODO: check
+CVE-2025-59780 (General Industrial Controls Lynx+ Gatewayis missing critical
authentic ...)
+ TODO: check
+CVE-2025-58083 (General Industrial Controls Lynx+ Gateway is missing critical
authent ...)
+ TODO: check
+CVE-2025-55034 (General Industrial Controls Lynx+ Gatewayis vulnerable to a
weak passw ...)
+ TODO: check
+CVE-2025-1256
+ REJECTED
+CVE-2025-13191 (A vulnerability was determined in D-Link DIR-816L
2_06_b09_beta. This ...)
+ TODO: check
+CVE-2025-13190 (A vulnerability was found in D-Link DIR-816L 2_06_b09_beta.
This vulne ...)
+ TODO: check
+CVE-2025-13189 (A vulnerability has been found in D-Link DIR-816L
2_06_b09_beta. This ...)
+ TODO: check
+CVE-2025-13188 (A vulnerability was detected in D-Link DIR-816L 2_06_b09_beta.
Affecte ...)
+ TODO: check
+CVE-2025-13187 (A security vulnerability has been detected in Intelbras ICIP
2.0.20. A ...)
+ TODO: check
+CVE-2025-13186 (A weakness has been identified in Bdtask/CodeCanyon Isshue
Multi Store ...)
+ TODO: check
+CVE-2025-13185 (A security flaw has been discovered in Bdtask/CodeCanyon
News365 up to ...)
+ TODO: check
+CVE-2025-13182 (A vulnerability was identified in pojoin h3blog 1.0. The
impacted elem ...)
+ TODO: check
+CVE-2025-13181 (A vulnerability was determined in pojoin h3blog 1.0. The
affected elem ...)
+ TODO: check
+CVE-2025-12849 (The Contest Gallery plugin for WordPress is vulnerable to
authorizatio ...)
+ TODO: check
+CVE-2025-12847 (The All in One SEO \u2013 Powerful SEO Plugin to Boost SEO
Rankings & ...)
+ TODO: check
+CVE-2025-12494 (The Image Gallery \u2013 Photo Grid & Video Gallery plugin for
WordPre ...)
+ TODO: check
+CVE-2025-12182 (The Qi Blocks plugin for WordPress is vulnerable to
unauthorized acces ...)
+ TODO: check
+CVE-2023-7328 (Screen SFT DAB 600/C firmware versions up to and including
1.9.3 conta ...)
+ TODO: check
+CVE-2022-4985 (Vodafone H500s devices running firmware v3.5.10 (hardware model
Sercom ...)
+ TODO: check
+CVE-2021-4471 (TG8 Firewall exposes a directory such as /data/ over HTTP
without auth ...)
+ TODO: check
+CVE-2021-4470 (TG8 Firewall contains a pre-authentication remote code
execution vulne ...)
+ TODO: check
+CVE-2021-4469 (Denver SHO-110 IP cameras expose a secondary HTTP service on
TCP port ...)
+ TODO: check
+CVE-2021-4468 (PLANEX CS-QP50F-ING2 smart cameras expose a configuration
backup inter ...)
+ TODO: check
+CVE-2021-4467 (Positive Technologies MaxPatrol 8 and XSpider contain a remote
denial- ...)
+ TODO: check
+CVE-2021-4466 (IPCop versions up to and including 2.1.9 contain an
authenticated remo ...)
+ TODO: check
+CVE-2021-4465 (ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro),
7.0.2. ...)
+ TODO: check
+CVE-2018-25125 (Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer
overflo ...)
+ TODO: check
+CVE-2016-15056 (Ubee EVW3226 cable modem/routers firmware versions up to and
including ...)
+ TODO: check
CVE-2025-9982 (A vulnerability exists in QuickCMS version 6.8 where sensitive
admin c ...)
NOT-FOR-US: QuickCMS
CVE-2025-8870 (On affected platforms running Arista EOS, certain serial
console input ...)
@@ -426,13 +522,13 @@ CVE-2025-13120 (A vulnerability has been found in mruby
up to 3.4.0. This vulner
NOTE: Fixed by:
https://github.com/mruby/mruby/commit/eb398971bfb43c38db3e04528b68ac9a7ce509bc
CVE-2025-13119 (A flaw has been found in Fabian Ros/SourceCodester Simple
E-Banking Sy ...)
NOT-FOR-US: SourceCodester
-CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm up to
1.0.3. Aff ...)
+CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm and mall
up to 1 ...)
NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13117 (A security vulnerability has been detected in macrozheng
mall-swarm up ...)
+CVE-2025-13117 (A security vulnerability has been detected in macrozheng
mall-swarm an ...)
NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13116 (A weakness has been identified in macrozheng mall-swarm up to
1.0.3. A ...)
+CVE-2025-13116 (A weakness has been identified in macrozheng mall-swarm and
mall up to ...)
NOT-FOR-US: macrozheng mall-swarm
-CVE-2025-13115 (A security flaw has been discovered in macrozheng mall-swarm
up to 1.0 ...)
+CVE-2025-13115 (A security flaw has been discovered in macrozheng mall-swarm
and mall ...)
NOT-FOR-US: macrozheng mall-swarm
CVE-2025-13114 (A vulnerability was identified in macrozheng mall-swarm up to
1.0.3. T ...)
NOT-FOR-US: macrozheng mall-swarm
@@ -522,19 +618,19 @@ CVE-2011-10034 (AUTOMGEN versions up to and including
8.0.0.7 (also referenced a
NOT-FOR-US: AUTOMGEN
CVE-2025-12983
- gitlab <unfixed>
-CVE-2025-7736
+CVE-2025-7736 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
- gitlab <not-affected> (Vulnerable code not yet present)
-CVE-2025-6171
+CVE-2025-6171 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
- gitlab <unfixed>
-CVE-2025-11990
+CVE-2025-11990 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2025-6945
+CVE-2025-6945 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
- gitlab <not-affected> (Specific to EE)
-CVE-2025-7000
+CVE-2025-7000 (An issue has been discovered in GitLab CE/EE affecting all
versions f ...)
- gitlab <unfixed>
-CVE-2025-2615
+CVE-2025-2615 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
- gitlab <unfixed>
-CVE-2025-11865
+CVE-2025-11865 (An issue has been discovered in GitLab EE affecting all
versions from ...)
- gitlab <not-affected> (Specific to EE)
CVE-2025-11224
- gitlab <unfixed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8593b0877449adb002b412829581153323697209
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8593b0877449adb002b412829581153323697209
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
